Microsoft Intune and Apple Mac Management

The Microsoft Intune team recently announced the ability to enroll and manage the Apple Mac. I’m happy to say that the feature has been deployed as part of the recent Intune release. Today’s post will focus on Mac enrollment and management via Intune.

Log in with an Azure Active Directory (Azure AD) user credential (someone who also has an Intune license assigned):

Notice the customization of the login page, this can all be changed via Azure Active Directory in the Azure portal.

Select “This device is either not enrolled or the Company Portal can’t identify it.”

Note: if you cancel out of the enrollment and go back later and don’t see the option to enroll, clear browsing history and close down Safari then reopen Safari, login, and the option should show up again.

Select “ENROLL” to begin the Intune enrollment process.

Select “Install” to install the Intune management profile.

Select “Show Profile” to view more about the profile being installed and select “Install” to continue with the installation. Depending on your settings you may be promoted to type in your Mac account password.

Another install prompt may appear, select “Show Profile” again to show the new information and rights being deployed. When finished reviewing, select “Continue” and “Install”.

Once the profiles are installed you’ll see a screen similar to the following:

After installation is complete, the enrollment windows in Safari will remain open. Go ahead and close those out and refresh the page that has “My Devices” on it. After the reload is complete, the Mac will show up with a check box.

Select the Mac to view whether or not it’s in compliance:

Once Mac’s are enrolled they’ll download and apply policies whether created before or after enrollment.